Which of the following excerpts would come from a corporate policy?
Answer : D
In which of the following scenarios would a tester perform a Kerberoasting attack?
Answer : C
While trying to maintain persistence on a Windows system with limited privileges, which of the following registry keys should the tester use?
Answer : C
Reference:
https://www.redcanary.com/blog/windows-registry-attacks-threat-detection/
A penetration tester has a full shell to a domain controller and wants to discover any user account that has not authenticated to the domain in 21 days. Which of the following commands would BEST accomplish this?
Answer : D
Which of the following properties of the penetration testing engagement agreement will have the LARGEST impact on observing and testing production systems at their highest loads?
Answer : B
HOTSPOT -
Instructions:
Given the following attack signatures, determine the attack type, and then identify the associated remediation to prevent the attack in the future.
You are a security analyst tasked with hardening a web server.
You have been given a list of HTTP payloads that were flagged as malicious.
Hot Area:
Answer :
In a physical penetration testing scenario, the penetration tester obtains physical access to a laptop. The laptop is logged in but locked. Which of the following is a potential NEXT step to extract credentials from the device?
Answer : A
A penetration tester is preparing to conduct API testing. Which of the following would be MOST helpful in preparing for this engagement?
Answer : D
Reference:
https://blog.securelayer7.net/api-penetration-testing-with-owasp-2017-test-cases/
A security guard observes an individual entering the building after scanning a badge. The facility has a strict badge-in and badge-out requirement with a turnstile.
The security guard then audits the badge system and finds two log entries for the badge in question within the last 30 minutes. Which of the following has MOST likely occurred?
Answer : A
If a security consultant comes across a password hash that resembles the following: b117525b345470c29ca3d8ae0b556ba8
Which of the following formats is the correct hash type?
Answer : D
During an internal network penetration test, a tester recovers the NTLM password hash for a user known to have full administrator privileges on a number of target systems. Efforts to crack the hash and recover the plaintext password have been unsuccessful.
Which of the following would be the BEST target for continued exploitation efforts?
Answer : C
Which of the following would be the BEST for performing passive reconnaissance on a target's external domain?
Answer : D
Reference:
https://www.securitysift.com/passive-reconnaissance/
A penetration tester delivers a web application vulnerability scan report to a client. The penetration tester rates a vulnerability as medium severity. The same vulnerability was reported as a critical severity finding on the previous report. Which of the following is the MOST likely reason for the reduced severity?
Answer : A
An attacker uses SET to make a copy of a company's cloud-hosted web mail portal and sends an email in hopes the Chief Executive Officer (CEO) logs in to obtain the CEO's login credentials. Which of the following types of attacks is this an example of?
Answer : A
Reference:
https://www.social-engineer.org/framework/influencing-others/elicitation/